Tag: GDPR Emails

Posted on by

How to Stop an Email Being Forwarded (for Free)

handing a piece of paper off over the table. How to stop emails being forwarded feature image

The risk of a data breach is higher than ever and still, not many people realise that your emails can be a breach of GDPR!  

All it takes is for someone to forward an email containing sensitive data to unwanted 3rd parties and bada bing, bada boom, you’re in breach.

(there are other ways your email can breach GDPR – check those out here)

5 Ways Your Emails Could Breach GDPR

So, how do you solve this?

GDPR Email Security in the Data Protection Era

Small and micro-business owners or entrepreneurs aren’t exempt from GDPR and they must still find solutions that will make them compliant.

While large enterprises have the means to implement the newest security measures easily, smaller businesses and entrepreneurs just don’t often have access to the right technology.

The simplest way to protect the data is to encrypt your email so you retain control over all data you send. Encryption ensures that only the contents of your email are accessible by the right recipient. If somebody else gets it by mistake or because it was forwarded, they won’t be able to read the contents.

The alternative is having a ‘Do Not Forward’ function on that prohibits the receiver from forwarding the email in the first place. Best case, you have both in place for full protection

How to Encrypt Your Email Messages

You can do this with Microsoft Azure Information Protection (AIP), which helps businesses classify and protect emails and other documents with a labelling system.

This system can even automatically detect sensitive data when configured correctly. With AIP, only the rightful recipient can read the email, and they won’t be able to forward it to anyone.

Unfortunately, this solution can be pricey for smaller businesses and the tool is focused towards the larger enterprises.

Smaller businesses and entrepreneurs need to look elsewhere.

My Protected Mail Helps You Keep Email Data Confidential

This is where My Protected Mail can help you here. This solution is similar to AIP but specifically focuses on providing services to small businesses, micro-businesses, and individuals. My Protected Mail offers encryption services (EaaS – encryption as a service) for your email communication. This benefits business owners because:

  • My Protected Mail not only uses the same principle as AIP but also the same architecture – it’s powered by Microsoft 365 Azure Information Protection.
  • The encryption process is automatic and super easy to use. When emailing through My Protected Mail, it will be encrypted automatically, giving you control over all data you are sending.
  • Each email you send through the system is also automatically flagged as “Do not forward.” This ensures all contents of the email stay with the recipient and cannot be shared with other parties.

 

How to Use My Protected Mail to Encrypt Email Messages

My Protected Mail is a cloud-based solution and doesn’t require any additional software installation on your part; you just need to make a few changes in the way you send your email. Here’s how:

    1. Instead of putting the recipient address into the recipient header, you will put [email protected] in there.
    2. The recipient email address goes to the Subject line instead.
    3. When you have finished writing your email, hit Send, and that’s it!

(Plus it works on whatever device or service you’re using so can work on a MAC too)

Sending Encrypted Email From a MAC

The recipient will get an email that will require an OTP (one-time passcode) to access the email. This passcode is received once the recipient clicks the link “Sign in with a one-time passcode.”

The best thing is you can try it out for free as the Free plan allows you to send up to fifteen emails per month and includes basic reply functionality (meaning you will continue the conversation protected).

Posted on by

How Azure Information Protection Can Be Used in GDPR Email Compliance

Today, businesses make data-driven decisions in order to have a competitive edge. If your business deals with personal data from customers, it is required to be compliant with EU’s General Data Protection Regulation (GDPR) requirements this means disclosing how it handles data and ensuring that data remains safe.

Everything You Need To Know About GDPR & How It Will Affect Your Business

Why You Should Use Azure Information Protection for GDPR Emails

Sending sensitive data internally or to recipients outside your company carries a certain risk. Every email you send could lead to a disclosure of sensitive data, which constitutes a breach of GDPR. Therefore, investing in the protection of emails and files that are sent is crucial.

Azure Information Protection help keep your emails safe through advanced encryption and protects data at a file level with any attachments you might share too.

It’s a great solution that we recommend to our clients and one we can deploy seamlessly.

How to Install Microsoft’s Azure Information Protection for Small Businesses

While GDPR email compliance may seem like just another regulatory hassle, it is actually an opportunity to invest into your company’s digital security. The most recent data from the Ponemon Institute shows that the global cost of a data breach is increasing steadily, and in 2018, it has reached $3.86 million.

If that’s not enough to convince you, why not use IBM’s data breach cost calculator and see what yours could actually cost.

The Latest Data Breach Report Shows a Troubling Trend

A data breach carries serious consequences, and every business operation will suffer financial, sales, marketing, safety, you name it. The 2018 Cost of a Data Breach Study states there are three main causes of a data breach, with percentages of attack globally being:

  • Malicious or criminal attack the main reason for 48% of all breaches
  • System malfunction the cause of 25% of all breaches
  • Human error the cause of 27% of all breaches

The report shows that human error was the reason behind a data breach more often than a system malfunction was, while malicious and criminal attack took first place.

Note: It’s important to state that human error only includes insiders who were careless, while malicious attacks also include insiders, third parties, and contractors who caused a data breach intentionally.

In the UK specifically, malicious and criminal attacks were the reason of 50% of all breaches, human error was behind 26%, with system glitch causing only 24% of all data breaches.

This means as high as:

 76% of all GDPR breaches in the UK can be caused by either negligence or malicious intent.

Which can be vastly reduced when using a file or email encryption like Azure’s Information Protection

The True Cost of a Data Breach to Your Business

How AIP for GDPR Emails Keeps You Compliant

Azure Information Protection (AIP) is a cloud-based service that allows you to protect any sensitive and confidential data through encryption. You can protect local data you keep on your devices or data that you store in the cloud. When you send that data outside of your company, the encryption remains in place because it’s active at a file-level.

This means that even if you’re compromised, documents that are recovered cannot be read or unencrypted. Plus, intercepted emails cannot be read unless the intended user verifies themselves.

Ultimately, AIP can’t stop your users from making a mistake, but it can support them and arm them with the tools to protect company data properly.

Azure Information Protection Protects Against Malicious Intent

For example, if one of your employees or third-party recipients wants to email a file to an unauthorised person, they won’t be able to do so. Plus, AIP has a great feature called Do Not Forward for GDPR compliant emails. When this option is used, the recipient must first be authenticated to even view the email, and this is all they can do. They can’t forward the email or print, or screenshot. This ensures the email is for their eyes only and that they cannot execute a data breach by forwarding onto non-approved users that would lead to GDPR violation.

Documents attached to these emails are also counted as DO NOT FORWARD and will have the same restrictions.

Azure Information Protection Activity

Not only does AIP limit who can view the data, but it also tracks how that data is being used. By doing so, it ensures that data is safe at all times and that GDPR compliance standards are met. Plus, if you suspect there’s a risk that the data could be used in a way that violates GDPR regulations, you can even revoke access to it.

There are a range of other uses for Azure Information Protection to help keep your company emails and files protected. If you need help learning the reigns or want to deploy Azure Information Protection Yourselves, get started today by clicking here.